SINGAPORE - Banks and large retailers will be the key targets of cyber criminals next year.
"The bad guys are going for the 'buffaloes', hacking into large organisations to steal millions of personal details," said Mr Raimund Genes, chief technology officer of security firm Trend Micro.
"Attacking these institutions with millions of customers is worth more than hacking individuals for their personal information," he told The Sunday Times on a recent visit to Singapore.
The mobile phone is another target for cyber criminals next year, he said.
Apple and Windows-based mobile apps, he explained, are generally safe because both Apple and Microsoft have rigorous approval processes to vet apps before they are distributed. But Google apps do not go through this process, he said.
"These apps, as well as premium hotline services like the ones used for sex services, can be used by cyber criminals to drop malicious software into the phones to steal information like contact details or passwords used to access bank accounts."
More worrying for corporations is that smartphones and tablets are also routinely used by consumers to access business data.
After all, this is the era of "BYOD" or "bring your own device" - where corporations let employees use their own devices to access corporate data. So the risk of losing confidential information and trade secrets through mobile phones is very high, SingTel chief executive (group enterprise) Bill Chang told The Sunday Times.
Cyber security incidents are at epic levels this year. Virtually every industry across the world has been hit by some form of cyber threat.
There have been a colossal 42.8 million attacks this year, up 48 per cent from last year, said The Global State of Information Security Survey 2015 report - a joint effort by consulting firm PricewaterhouseCoopers (PwC) and two US-based magazines, CIO and CSO.
Released early this month, the survey - which had 9,700 respondents - found that the global cost of detected cybercrime incidents has exceeded US$23 billion (S$29.3 billion) this year. In reality, the figure is much larger because many organisations have not reported attacks for fear of reputational loss and lawsuits. In some cases, there are also no regulatory demands that cyber breaches be reported.
According to research firm Forrester, corporate espionage costs US companies about US$500 billion yearly. When bad guys steal intellectual property or research and development plans, they sell them to competing corporations which can shave off years of R&D and millions of dollars in costs.
Experts say there is a variety of new threats to contend with now.
For example, organised cyber criminal gangs operate in the shadowy depths of the Internet called the Dark Web.
Designed to be untraceable and inaccessible to regular search engines like Google, the Dark Web operates like the eBay of the underground, said Trend Micro's Mr Genes. This is where criminals buy, sell and trade stolen data, new attack tools and intelligence.
The Dark Web is always looking for a new cash cow, said Mr Genes. A trending cash cow is zero day exploits, which are online vulnerabilities for which there is no software solution.